CVE-2026-5422
Analyzed Analyzed - Analysis Complete
Path Traversal in Jupyter Server

Publication date: 2026-06-02

Last updated on: 2026-06-03

Assigner: huntr.dev

Description
A path traversal vulnerability exists in jupyter-server version 2.17.0 due to an incorrect root directory boundary check in the _get_os_path() function within jupyter_server/services/contents/fileio.py. The check uses startswith(root) without appending a trailing path separator, allowing sibling directories with names starting with the same prefix as root_dir to bypass the check. Additionally, the to_os_path() function in utils.py does not strip ".." from path parts, enabling traversal sequences to bypass the vulnerable check. This vulnerability can lead to unauthorized read/write access to files in sibling directories, potentially exposing sensitive data in shared hosting environments.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-06-02
Last Modified
2026-06-03
Generated
2026-06-22
AI Q&A
2026-06-02
EPSS Evaluated
2026-06-21
NVD
CVE-2026-5422
EUVD
EUVD-2026-33905
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
jupyter jupyter_server 2.17.0
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-23 The product uses external input to construct a pathname that should be within a restricted directory, but it does not properly neutralize sequences such as ".." that can resolve to a location that is outside of that directory.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability is a path traversal issue in jupyter-server version 2.17.0. It occurs because the function that checks if a file path is within a designated root directory (_get_os_path) uses a method that can be bypassed by sibling directories with similar name prefixes. Additionally, another function (to_os_path) does not remove ".." path parts, allowing attackers to traverse directories outside the intended root. This means an attacker can access files outside the allowed directory.

Impact Analysis

This vulnerability can allow unauthorized users to read or write files in directories that should be inaccessible, including sibling directories to the root directory. In shared hosting environments, this could lead to exposure of sensitive data or unauthorized modification of files.

Compliance Impact

This vulnerability allows unauthorized read/write access to files in sibling directories, potentially exposing sensitive data in shared hosting environments.

Such unauthorized access and potential data exposure could lead to non-compliance with data protection regulations like GDPR and HIPAA, which require strict controls over access to sensitive information.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-5422. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart